The Ashley Madison hack continues to make headlines. Naturally, that's because the news keeps getting worse.
Worse for website owners Avid Media Group. But worse for the real victims, more importantly -- the people named in the hacked data dump.
Prurient interest notwithstanding, there's still plenty to say about this uncomfortable event. And no shortage of intelligent commentators to say it. (And then there's John McAfee.)
In IT Blogwatch, bloggers furiously smh.
Your humble blogwatcher curated these bloggy bits for your entertainment.
As usual, Brian Krebs cycles in to drop this bomb:
Late last week, the Impact Team...released a 30-gigabyte archive that it said were emails lifted from AshleyMadison CEO Noel Biderman. [It alleges that] Raja Bhatia, the founding [CTO] hacked another dating website, exfiltrating their entire user database. ... “I got their entire user base,” Bhatia told Biderman.
As bad as this breach has been for AshleyMadison and its millions of users, it’s likely nowhere near over: Hackers...have just released a “selected dox” archive...including a 100-page movie script co-written by Biderman called “In Bed With Ashley Madison,”...a scan of the CEO’s drivers licence, copies of personal checks, bank account numbers, home address, and his income statements. ... Leaving aside the proliferation of sites that now allow suspicious spouses to search for their significant other’s email address...some users are finding themselves on the receiving end of online extortion attacks. Worse still, [there are] two unconfirmed reports of suicides.
Neither Bhatia nor Biderman could be immediately reached for comment. MORE
Troy Hunt hears from "hundreds" of AM members:
I was being inundated with email...not just asking questions, but often giving me their life stories. [They] shed a very interesting light on the incident...that doesn’t come across in the sensationalist news stories.
One of the things that struck me most about the entire incident [is] the very poor communication from Avid Life. ... There has been no direct communication with members that I’m aware. [It's] appalling...as if they’ve just stuck their fingers in their ears and sung “lalalalalala.” [They] solely focussed on no financial data being compromised. Do they really think that after the most intimate, private aspect of people’s lives has been put on public display that a credit card...is what they’re worried about?!
I want to illustrate how important it is not to immediately assume that everyone on the site is cheating on their partner. [Don't] immediately make assumptions just because someone’s email address was on the site. ... Let us not confuse that with the issue of adultery. ... Many people were indeed just curious [but] extramarital affairs tear families apart. [Nevertheless] you can’t escape the human tragedy that this data breach has brought to a head.
This incident needs to be approached with the understanding that for many people, this is the worst time of their life and for some, it feels like the end of it. MORE
David Kravets sounds sympathetic to Shakespeare's Dick The Butcher:
It's a safe bet that a ton of divorce lawyers and child custody lawyers have already made gobs of cash.
Now another breed of attorney is entering the scene in anticipation of capitalizing on the feeding frenzy. ... Class-action attorneys are currently following the...blood trail in hopes of winning a monetary payday for themselves and the site's millions of members.
The elephant in the room here is how much traction a lawsuit...would get. Ashley Madison site members who sought damages...would have to expose themselves as being one of the site's 39 million account holders. ... A jury might not be so sympathetic to Ashley Madison users' claims that being outed caused them humiliation.
Traditionally, data breach cases have largely ended...with big payouts to plaintiffs lawyers while the victims...get little, if anything. MORE
And Kristen V. Brown alleges another class of people "cashing in":
Steve was desperate for a way to keep his information from spreading...and didn’t want his wife to find out. A few days after the leak, he received an e-mail from a company named Trustify...letting him know that someone had used the tool to search his e-mail address [and] offered to help him hide the exposed data [for] $67 an hour.
We reached out to Trustify for information on how exactly the company plans to help victims. ... Trustify readily admits that it can’t really help anyone hide what’s already out there. “We are in the business of helping customers find the truth, we aren’t in the business of modifying the truth.”
It seems more like cashing in. ... Trustify readily admits that because of the hack, business is booming. ... All Trustify is doing is providing people access to information that’s already public, for a fee, while advertising itself as a solution. MORE
Meanwhile, John McAfee (yes, that John McAfee) alleges another allegation:
Ashley Madison was not hacked - the data was stolen by a woman operating on her own who worked for Avid Life. ... It was an inside job.
I gleaned this information from reliable sources within the Dark Web. ... Any adept social engineer would have easily seen this. ... It was clear that the perpetrator had intimate knowledge of the technology stack of the company.
It seems, without a shadow of doubt, to be an open and shut case. MORE
But rhtimsr1970 ain't so sure:
McAfee's findings are based on his own personal whims for which there are many easy rebuttals.
McAfee is rushing to conclusions. ... I'm not sure why I never bother reading his lunacy anymore. MORE
And dakdestructo agrees:
Read like satire, having no knowledge of this guy beforehand. His reasoning for the perpetrator being a woman seems pretty thin.
He has to brag about himself before giving the evidence just to cover up how ****** it is. "Trust me bro I'm 100% right you don't need to know why but I guess you can read it if you need to." MORE
You have been reading IT Blogwatch by Richi Jennings, who curates the best bloggy bits, finest forums, and weirdest websites… so you don't have to. Catch the key commentary from around the Web every morning. Hatemail may be directed to @RiCHi or firstname.lastname@example.org. Opinions expressed may not represent those of Computerworld. Ask your doctor before reading. Your mileage may vary. E&OE.
Join the CIO Australia group on LinkedIn. The group is open to CIOs, IT Directors, COOs, CTOs and senior IT managers.